> Of course, limiting things so that you cannot map the same page> executably *and* writably is one solution - and a good idea regardless> - so secure environments can still exist. But even then you could have> races in a multi-threaded environment (they'd just be *much* harder to> trigger for an attacker).

Gratuitous SELinux for the win e-mail! (Feel free to delete now) Wetypically, for all confined domains, do not allow mapping anonymousmemory both W and X. Actually you can't even map it W and then map itX...

Now if there is file which you have both W and X SELinux permissions(which is rare, but not impossible) you could map it in two places. Sowe can (and do) build SELinux sandboxes which address this.